IT Policy blocking OTA Software Configurations
Hello,
Our company recently deployed a very restrictive IT Policy. Since we've deployed the policy we are unable to push applications OTA. I've created a second IT Policy that has less restrictions such as enabling 3rd party apps but I am still unable to successfully push an app(in this case RSA software token). The only way I am able to push OTA is if I put the device into a non-resrtictive IT Policy, one with nothing enabled. My question is which setting in our Policy is preventing OTA installs (excluding the disabled 3rd party apps option)? Here are the settings... HANDHELD POLICY SETTINGS: IT Policy Name = "Secured Policy - Outgoing Call Enabled" Password Required = TRUE Allow Peer-to-Peer Messages = TRUE Minimum Password Length = 6 User Can Disable Password = FALSE Maximum Security Timeout = 20 Maximum Password Age = 90 User Can Change Timeout = TRUE Password Pattern Checks = 0 Enable Long-Term Timeout = TRUE Allow SMS = TRUE Enable WAP Config = TRUE Common Policy Group: Disable MMS = TRUE Set Owner Name = "Blackberry" Set Owner Info = IT Policy Notification = FALSE Lock Owner Info = 3 Password Policy Group: Periodic Challenge Time = 60 Maximum Password History = 5 Suppress Password Echo = TRUE Set Maximum Password Attempts = 5 Set Password Timeout = 20 Security Policy Group: Disable Public Social Networking Applications = TRUE Disable Public Photo Sharing Applications = TRUE Allow Smart Card Password Caching = FALSE Disable IP Modem = FALSE Disable Unverified Certificate Use = TRUE Minimal Encryption Key Store Security Level = 2 Minimal Signing Key Store Security Level = 2 Disable Persisted Plain Text = TRUE Disable 3DES Transport Crypto = FALSE Disable Unverified CRLs = TRUE Allow Outgoing Call When Locked = TRUE FIPS Level = 2 Disable Forwarding Between Services = TRUE Disable Radio When Cradled = 0 Disable Stale Status Use = TRUE Certificate Status Maximum Expiry Time = 4 Disable Key Store Backup = TRUE Disable Weak Certificate Use = TRUE Disable Invalid Certificate Use = TRUE Allow Split-Pipe Connections = FALSE Allow External Connections = TRUE Allow Internal Connections = TRUE Allow Third Party Apps to Use Serial Port = TRUE Disallow Third Party Application Downloads = TRUE Certificate Status Cache Timeout = 1 Disable Key Store Low Security = TRUE Disable Peer-to-Peer Normal Send = TRUE Disable Message Normal Send = FALSE Disable Revoked Certificate Use = TRUE Disable Untrusted Certificate Use = TRUE SMIME Application Policy Group: SMIME Minimum Strong DSA Key Length = 1024 SMIME Allowed Content Ciphers = 00100001 (33) SMIME Minimum Strong ECC Key Length = 163 SMIME Minimum Strong DH Key Length = 1024 SMIME Minimum Strong RSA Key Length = 1024 TLS Application Policy Group: TLS Disable Invalid Connection = 0 TLS Minimum Strong ECC Key Length = 163 TLS Minimum Strong DH Key Length = 1024 TLS Minimum Strong RSA Key Length = 1024 TLS Disable Untrusted Connection = 0 TLS Disable Weak Ciphers = 0 Browser Policy Group: Disable Java Script in Browser = TRUE DESKTOP POLICY SETTINGS: Show Application Loader = FALSE Force Load Count = 0 Auto Backup Enabled = TRUE Auto Backup Include All = TRUE Show Web Link = FALSE Do Not Save Sent Messages = FALSE Desktop Policy Group: Desktop Allow Device Switch = FALSE Desktop Allow Desktop Add-ins = TRUE Desktop Password Cache Timeout = 10 Service Exclusivity Policy Group: Allow Public Yahoo! Messenger Services = FALSE Allow Other Browser Services = TRUE |
Disallow Third Party Application Downloads = TRUE
Set this to FALSE and try again. Perhaps you first have to resend the policy to the affected device. |
I've already tried that as stated in my post.
(excluding the disabled 3rd party apps option) |
Help
Someone? Anyone? HELP!
|
What happens if you push the Default IT Policy to a test device and then try pushing the software config? Does it still fail?
I'm wondering if some security value (Firewall, perhaps) got changed with the restrictive IT Policy, and may have to be changed back manually.... |
All times are GMT -5. The time now is 05:04 PM. |
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.